Merchants are required to inspect their devices for signs of tampering on a daily basis. They are also required to keep a log of these device inspections. The tamper inspections and inspection logging are part of overall compliance to PCI DSS. 

A merchant must be able to immediately produce these logs upon request. If useful, please see below for a sample inspection log which has been provided to us by our QSA. A merchant may certainly add additional areas to inspect, as seem appropriate. 

If any signs of terminal tampering exist, including if a terminal is not able to be located, a merchant should notify the Treasurer’s Office immediately by emailing [email protected].